SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (E-mail Server)  >   IMail Server Vendors:   Ipswitch
IMail Server E-mail and Calendar Bugs May Let Remote Users Crash the Server
SecurityTracker Alert ID:  1011146
SecurityTracker URL:  http://securitytracker.com/id/1011146
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Sep 3 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 8.13
Description:   Some denial of service vulnerabilities were reported in IMail Server. A remote user may be able to cause the server to crash.

The vendor reported that potential denial of service conditions exist in the Queue Manager, Web Calendaring, and Web Messaging components.

In the Queue Manager, an e-mail message with an abnormally long sender field may trigger a crash.

In Web Calendaring, calendar entries with specific content may trigger a crash. The nature of the specific content was not disclosed.

In Web Messaging, an e-mail message with an abnormally large 'To:' line may trigger a crash.

Impact:   A remote user may be able to cause the target service to crash.
Solution:   The vendor has released a fixed version (8.13), available at:

ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail813.exe
http://ipswitch.com/support/imail/releases/imail_professional/im813.html

Vendor URL:  ipswitch.com/support/imail/releases/imail_professional/im813.html (Links to External Site)
Cause:   Exception handling error, Input validation error
Underlying OS:  Windows (NT), Windows (2000), Windows (2003), Windows (XP)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC